CVSS: 7.8EPSS: 0%CPEs: 234EXPL: 0CVE-2021-30269
https://notcve.org/view.php?id=CVE-2021-30269
03 Jan 2022 — Possible null pointer dereference due to lack of TLB validation for user provided address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible desreferencia de puntero null debido a una falta de comprobación de TLB para la dirección proporcionada por el usuario en Snapdragon Auto, Snapdragon Compute, Snapdragon Conn... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 234EXPL: 0CVE-2021-1894
https://notcve.org/view.php?id=CVE-2021-1894
03 Jan 2022 — Improper access control in TrustZone due to improper error handling while handling the signing key in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un control de acceso inapropiado en TrustZone debido a un manejo inapropiado de errores mientras es manejada la clave de firma en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/december-2021-bulletin • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 9.1EPSS: 0%CPEs: 292EXPL: 0CVE-2021-30284
https://notcve.org/view.php?id=CVE-2021-30284
12 Nov 2021 — Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible exposición de la información y denegación de servicio debido a que el NAS no deja caer los mensajes cuando falla la comprobación de integridad en Snapdragon Auto, Snapdragon Compute, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.7EPSS: 0%CPEs: 408EXPL: 0CVE-2021-30266
https://notcve.org/view.php?id=CVE-2021-30266
12 Nov 2021 — Possible use after free due to improper memory validation when initializing new interface via Interface add command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a una comprobación inapropiada de la memoria cuando es inicializada una nueva interfaz mediante el comando Interface add en Snapdrago... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVSS: 6.7EPSS: 0%CPEs: 388EXPL: 0CVE-2021-30264
https://notcve.org/view.php?id=CVE-2021-30264
12 Nov 2021 — Possible use after free due improper validation of reference from call back to internal store table in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible uso de memoria previamente liberada debido a la comprobación inapropiada de la referencia de la llamada a la tabla de almacenamiento interno en Snapdragon Auto, Snapdragon Connectivity, Snap... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 316EXPL: 0CVE-2021-30259
https://notcve.org/view.php?id=CVE-2021-30259
12 Nov 2021 — Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un posible acceso fuera de límites debido a una comprobación inapropiada de las entradas de la tabla de funciones en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer ... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 326EXPL: 0CVE-2021-30254
https://notcve.org/view.php?id=CVE-2021-30254
12 Nov 2021 — Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un posible desbordamiento del búfer debido a una comprobación de entrada inapropiada en la calibración de fábrica y el comando DIAG de prueba en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 244EXPL: 0CVE-2021-1979
https://notcve.org/view.php?id=CVE-2021-1979
12 Nov 2021 — Possible buffer overflow due to improper validation of FTM command payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Posible desbordamiento del búfer debido a una comprobación inapropiada de la carga útil del comando FTM en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 360EXPL: 0CVE-2021-1975
https://notcve.org/view.php?id=CVE-2021-1975
12 Nov 2021 — Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables Posible desbordamiento de la pila debido a una comprobación inapropiada de la longitud del dominio mientras se analiza la respuesta DNS en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon In... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 634EXPL: 0CVE-2021-1924
https://notcve.org/view.php?id=CVE-2021-1924
12 Nov 2021 — Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una revelación de información mediante canales laterales de tiempo y energía durante la exponenciación de mods para RSA-CRT en Snapdragon ... • https://www.qualcomm.com/company/product-security/bulletins/november-2021-bulletin • CWE-203: Observable Discrepancy •